It’s time to update your BuddyPress installation

With the release of BuddyPress 1.7 just a few days ago, and with almost 1.5 million downloads behind us, I wanted to take the time to remind everyone about what’s gone into improving BuddyPress recently, and to reassure everyone that it’s okay to update.

In the early days of BuddyPress, things were in flux. Andy and I were furiously building components and features, deprecating code, refactoring the way things worked, and generally tearing up the codebase over and over again. It helped us build a great foundation, but it made updating to the next version a scary and frustrating experience. To those that remember those days, I apologize; to everyone else, I’m sorry you missed out on the fun.

Whenever your WordPress installation checks to see if BuddyPress needs an update, the WordPress.org Extend API remembers the current version of BuddyPress that you’re running. This is how we know (with relative accuracy) approximately how many of what versions are out in the wild, and it’s also how we generated the pinwheel below, taken from the Stats page from WordPress.org Extend:

Every color of the rainbow is clearly represented

Despite the pretty colors, this pie chart is actually a little scary. There are so many old and outdated installations of BuddyPress out there, not taking advantage of the neat new features, and not running the most stable and secure code available. The irony is, this is largely our fault.

These days, BuddyPress is a 1 click update in your WordPress dashboard, and we’ve built a bunch of API’s that allow third party plugin developers to write plugins that won’t break when BuddyPress needs an update. We’ve spent a large part of the past 2 years reinforcing the foundation we invested in, so that no one needs to be afraid to update BuddyPress ever again.

Starting with BuddyPress 1.8, the core team will be focusing our efforts on including automated tests with each enhancement and critical bug fix, to help ensure that each future release gets more stable than the release before it. Boone Gorges and Paul Gibbs both donated huge amounts of labor building a test suite that is already committed into our development branch, just days after BuddyPress 1.7 was packaged up. Their dedication towards making BuddyPress stable and amazing for everyone is unwavering, and their contributions are truly awesome.

If you’re running an old version of BuddyPress, I urge you to check out and update to BuddyPress 1.7. It’s the culmination of thousands of hours of effort, and is the most stable, secure, and performant version of BuddyPress yet. Help us change that pinwheel into more of a Pac-Man or a circle.

It’s very nice to be able to run a custom theme now without all the fuss of a child theme. What a big relief this is for me. It’s just revived all my favorite themes and I am very happy. So happy that I went and bought another host and ran another website with my OLD simple themes that BuddyPress use to spit out when I fed it. Cheers to the BuddyPress team. Much appreciation here.

Big thanks for continuing to develop buddypress, and thinking of the major issues many of us have had with upgrades over the years.

As great as the one-click install / upgrade options are when they work, some of us have web servers with security lock downs that do not allow us to take advantage of the one click option. I would love to see some real instructions added to https://codex.buddypress.org/user/buddypress-site-administration/upgrading-buddypress/ for those of us that have to download, unzip, and ftp the files.. like do we deactivate all plugins first? Do we delete all the old buddypress files before uploading anew? Is there anything in our themes that needs updating? Anything security wise that needs to be deleted that a buddypress upgrade by uploading via ftp will not overwrite?

Another major issue for not upgrading, is that many live communities depend on functionality of plugins that break with almost every upgrade. It some instances it better for the individual community to keep compatibility with plugins that are used often, and miss any “new features” that buddypress comes out with.

Of course if it’s a security issue, then I suppose we are left with no choice but to abandon the plugins our users have come to rely on to make the community cool… but there has been little info about the importance of security enhancements from what I have seen over the past several updates. With so many plugins graciously given away to the community that functioned fine at one time, it is hard to ask all the authors to update them every few months, for free, and some of the best plugins do not get updates, even if money is offered to authors – they seem nowhere to be found.

It sounds like the buddypress devs are taking the scary breaking of things as an important priority now and in the future – this is good news, as hopefully we will have a more stable code base, and plugins will not fail as often in future upgrades as things become more stable for the base code – that is great news, glad to hear it.

A message showing the new version/update to last versions users would be good and interesting thing to do…. Most people don’t update afraid their site will break, if you guys assure it won’t, why not let them know.

Apart from that, hell of a work you guys have done and are still doing. Congrats! =)

To have 50% installations in 1.6.x isn’t that bad. 1.7 is pretty new and you can’t update a network wide plugin if there isn’t enough time for live testing and bug fixing on that day. But the concerns are more about the like 45% <1.6 installations, I guess?